HDPA (Greece) - 8/2021
|HDPA - 8|
|Relevant Law:||Article 4(7) GDPR|
|National Case Number/Name:||8|
|European Case Law Identifier:||n/a|
|Original Language(s):||Greek |
|Original Source:||Αρχή Προστασίας Προσωπικών Δεδομένων (in EL) |
Αρχή Προστασίας Προσωπικών Δεδομένων (in EL)
The Greek DPA fined a political candidate €2000 for processing personal data for the purpose of political communication via email without the data subject's consent.
English Summary[edit | edit source]
Facts[edit | edit source]
The complainant received an SMS from the political candidate which was promoting the candidate’s participation at the municipal elections without having granted a consent to do so. The political candidate, wasn’t able to provide proof that the complainant and other data subjects gave their consent for the processing.
Dispute[edit | edit source]
Was the political communication legal under article 4 GDPR?
Holding[edit | edit source]
The DPA held that in the light of Article 4 GDPR, Article 13 of the national law 3471/2006 and Article 11 of the national law 3471/2006, the political communication for the purposes of the promotion of the candidate’s political campaign, can be considered legal only after the granting of explicit consent. Political communication without consent is possible only if the data subject has been given his personal details and was informed that the details will be used for the purposes of the political communication. Moreover the data subject should be able to withdraw and refuse this processing.
For this reason the DPA fined the candidate for unlawful processing of data by a 2000€ fine.
Comment[edit | edit source]
Share your comments here!
Further Resources[edit | edit source]
Share blogs or news articles here!
English Machine Translation of the Decision[edit | edit source]
The decision below is a machine translation of the Greek original. Please refer to the Greek original for more details.